From the course: Developing Secure Software (2015)
Sensitive data exposure countermeasures
- The most basic and fundamental countermeasures against sensitive information exposure are access control and encryption. There are primarily three aspects of access control, which software developers should be aware of. Identification is usually the first step in access control and retrieves information on who the supplicant claims to be. Authentication then tries to verify the claimed identity by using credentials such as passwords and biometric data. Authorization is the step where the supplicant receives its permissions to have access to protected resources. The permissions need to be carefully controlled according to the need to know of the supplicant. When considering encryption for protecting your information, you need to take many factors into account, such as strength of encryption algorithms, configuration of encryption scheme of your choice, like key length, and different scenarios in which attackers can bypass the protection provided by the encryption. For example…
Contents
- Setting the stage (34s)
- Buffer overflow attacks (1m 41s)
- Buffer overflow countermeasures (1m 44s)
- Broken authentication and session management (1m 7s)
- Broken authentication and session management countermeasures (2m 1s)
- Insecure direct object references (1m 24s)
- Insecure direct object references countermeasures (52s)
- Sensitive information exposure (1m 6s)
- Sensitive data exposure countermeasures (1m 37s)
- Other secure coding best practices (2m 22s)